Category: Computing, Wordpress Tags: ,

Protect Your Wordpress Directory from Public Browsing

Posted November 10th, 2008 by nazham

Found a really good Wordpress security tips a while ago:

Directories should not be left open for public browsing.

There is a potential problem letting people know what plug-ins you have, or what versions they are. If there is some known exploit that is linked to a plug-in, it could be easy enough for someone to use it to their advantage.

To test whether your site is vulnerable to this issue, just go to http://<your_site>/wp-content/plugins
Your site SHOULDN’T be listing all the plug-ins available on your site.

It’s fairly simple to protect your Wordpress installation from public browsing:
1. Make an empty wp-content/plugins/index.html file
Or
2. just add this line in your .htaccess file in your root:
Options All -Indexes

Related posts:
  1. WordPress 2.7 “Coltrane” Available Now Following my previous post, Wordpress 2.7 Coming Tomorrow, which meant...
  2. Creating an Author Page for your Blog (Wordpress) Nazham.com have multiple authors. Wouldn’t it be great if it...
  3. WordPress 2.7 coming tomorrow According to DownloadSquad and Wordpress.com, Wordpress 2.7 is coming out tomorrow....
  4. Getting Dell XPS Trackpad to work on Ubuntu Hardy I had trouble getting my Dell XPS M1530 track pad/touch...

You can follow any responses to this entry through the RSS 2.0 feed.

Comments

  1. From dirn on November 10th, 2008 at 11:02 pm

    thanks bro…

  2. From azlan on November 10th, 2008 at 11:10 pm

    good info…aku baru tau camna..nampak sangat aku malas membaca…muahahah

  3. From dirn on November 10th, 2008 at 11:14 pm

    sama la kita lan….:P

  4. From nazham on November 10th, 2008 at 11:15 pm

    May your blogs be safe. :)

  5. From Kathy @ Virtual Impax on November 12th, 2008 at 5:33 am

    EXCELLENT advice. My other “favorite” security plug in for Wordpress is Login LockDown from Bad Neighborhood!

  6. From nazham on November 12th, 2008 at 6:58 am

    Yup, that’s a very important security plugin to prevent brute-force attacks.

  7. From Yoko on November 12th, 2008 at 12:00 pm

    Good info!!! Thanks for sharing.

Previous Post
Next Post

RSS

Subscribe Now:

About Me

nazham.comBorn and lives my life in the wonderful country of Malaysia. I have been a Software Engineer, and loving it. I built this site as a main purpose of sharing and giving back to the community. Please feel free to give feedbacks and let me know if there's any errata found on this site.